Thanks to the hard work of Carlos Silva Villamizar and John Gamarra Gonzalez from High Developer S.A.S., we now have a Spanish translation of Bugify! We have had a number of requests for a Spanish translation lately so we are very thankful for their help.

All the Bugify translations so far have been done by helpful customers. We are so grateful for the hard work you do to provide translations for Bugify. Below are all the languages we currently support:

English

German

Spanish

French

Latvian

Dutch

Polish

Portuguese

Russian

Chinese

If you would like to see another language listed here, and are willing to help translate, please get in touch.

Some of these translations are a little out-of-date as new updates are released and we haven’t sent out requests for new strings to be translated. If you notice some English sentences showing when you should be seeing your language, please feel free to update the language file (application/languages) and send the updated file back to us. We are aiming to setup a better system for keeping track of translations, but in the meantime if you’re able to help out at all by filling in the missing translations where possible it would be very much appreciated.

Thanks again to all our wonderful customers!

P.S., the Spanish translation will be available in the next release due out very shortly.

A week ago we released v1.6.1052 which included a number of security fixes. The issues were reported to us by a security researcher on Saturday 7th June, 2014 (NZT). Within 24 hours, we had reviewed the reports and implemented fixes. The following 24 hours involved testing the updates, which was followed by a public release on Monday 9th June, 2014 (NZT). We then gave everyone a couple of days to update before detailing the security-related changes here.

The issues affected the Bugify web app – not bugify.com or any other apps/services.

Brute-force attacks on login
There were no measures in place to rate-limit or block brute-force attacks. We have implemented a temporary change to pause for 2 seconds on a failed auth. This will slow down brute-force attacks, but will not stop them (truth is, there aren’t really any solutions to prevent or stop brute-force attacks, but there is more we can – and will – do to mitigate them).
More info: https://www.owasp.org/index.php/Blocking_Brute_Force_Attacks

XSS (Cross site scripting)
There was one area that allowed XSS with label (tags) names. All data is automatically escaped when it is sent to the view, but this data was being loaded from a view helper and did not go through the auto-escaping. This has now been fixed.
More info: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

Customer support emails are a great source of new product ideas, feedback on existing features and bug reports. If you have been creating issues based on the emails from your customers, you can now do it more easily using SupportBee, the easy to use customer support app.

Using SupportBee’s Bugify App, you can send any ticket to Bugify and create an issue in a few clicks. If you have multiple projects in Bugify, you can select the project before sending the issue and also modify the issue title and description to help your development team understand the issue better.

The issue description contains a link to the SupportBee ticket so you can get back to it and reply to the customer once you have finished work on it.

If you have any feedback on this app or would like to see any additions to it, please tweet to us @SupportBee.

In the most recent update, we added the ability for owners to receive notifications for all new issues. This works like any other notification option, except that only users who are marked as an “owner” have the option.

By default, this new notification is turned on.

If your user account is marked as an “owner” and you don’t wish to receive emails for every new issue, please go to My Account and un-tick the “All new issues” notification option.